Android Flaw Lets Hackers Hijack System Updates

[Guest]

Hackers could create harmless-looking apps that lie in wait and turn on their users once they update to the latest version of Android.

Android Flaw Lets Hackers Hijack System Updates : Read more

 

[William Eddins]

It's only an exploit if those devices on 2.3 are updated. I don't think that's going to be a problem.

 

[PudgyChicken]

Ah, yes, I see. Since this has never been used maliciously, let's just publish a report detailing exactly how it works and draw in a lot of publicity before Google has a chance to patch it. Brilliant.

 

[derekullo]

All Your Updates Are Belong To Us

 

[house70]

Basically, the permissions are granted in a very old Android version, then "grandfathered" into the updated one(if the device ever gets updated).This is useless, mainly because devices that are still on 2.3 will NEVER see any updates. Ever. Also, it is useless because nobody makes devices that run 2.3 anymore, and the exploit is a few years too late.Finally, because the fault lies with the way 2.3 was dealing with unknown permissions. This whole thing is nothing more than some scare tactics targeting a 4 year old OS (not mentioned in the title, though) and lists it as something very actual, when in fact is completely outdated. Great journalism, indeed.

 

[house70]

This is like complaining about WinMe security flaws.

 

[ThisIsMe]

You guys all read the article and then got stop on the one example that they gave. Remember it's just an example. The flaw is still present in the newest versions as well. So if you update from 4.3 to 4.4 and the new version/update has additional permission options then apps can take malicious advantage of that as well. However, this will probably never get to be a huge deal, but it could just the same.